I recently presented the paper “They’re not that hard to mitigate”: What Cryptographic Library Developers Think About Timing Attacks on Real World Crypto 2022 and IEEE Security & Privacy 2022. If you want to get more info on the paper including a pre-print and additional material, check out its page. The RWC slides are available as well as the IEEE S&P slides.
Furthermore, the level of interest in the talk and the tools for analysis of constant-time cryptographic code motivated me to start a Github page collecting these tools at crocs-muni.github.io/ct-tools/. I hope that in the future this page can have tutorials and guides on using these tools crowdsourced from the community.
When I was in San Francisco for IEEE S&P I
abused my jetlag and went for a very early walk around SF. I also took some photos.
Thanks a lot for the following photos from RWC 2022 to Benoit Viguier!